SlideShare a Scribd company logo

Application layer security protocol

K
Kirti Ahirrao

Application Layer Security Protocol Types of Application Layer Security Protocol Security-enhanced application protocol Authentication & key distribution system AKA in CDMA AKA in UMTS Layering security protocol

Education
1 of 13
Download to read offline
Application Layer Security Protocol By Prof. Kirti Ahirrao
Index: • Introduction to Application Layer • Types of Application Layer Protocols • Security-Enhanced Application Layer Protocol • Authentication & Key Distribution System • AKA in CDMA & UMTS • Layering Security Protocol above the Application Layer Prof. Kirti Ahirrao 2
Application Layer • It is an abstraction layer. • It specifies the shared communications protocols. • It uses interface methods by hosts in a communications network. • The application layer abstraction used in both of the standard models : TCP/IP suite & OSI model. Prof. Kirti Ahirrao 3
Application Layer • It is the closest layer to the end user, • It provides hackers with the largest threat surface. • Poor app layer security can lead to performance and stability issues, data theft, and in some cases the network being taken down. • Application layer attacks include distributed denial-of-service attacks (DDoS) attacks, HTTP floods, SQL injections, cross-site scripting, parameter tampering. • Most organizations have application layer security protections, such as web application firewalls (WAFs), secure web gateway services, and others. Prof. Kirti Ahirrao 4
Types of Application Layer Protocol • Remote login to hosts: Telnet. • File transfer: File Transfer Protocol (FTP) & Trivial File Transfer Protocol (TFTP). • Electronic mail transport: Simple Mail Transfer Protocol (SMTP). • Networking support: Domain Name System (DNS). • Host initialization: BOOTP. • Remote host management: Simple Network Management Protocol (SNMP), Common Management Information Protocol over TCP (CMOT). Prof. Kirti Ahirrao 5
Security-Enhanced Application Layer Protocol • Secure Shell (SSH) is a widely used and deployed protocol that serves as a secure replacement for terminal access and file transfer. • DNS Security, or DNSSEC in short, refers to a set of security extensions and enhancements for DNS. • Furthermore, there are several cryptographic file systems that have been developed and proposed in the past, e.g: Cryptographic File System (CFS) and the Andrew File System (AFS). • The starting point was the specification of the Secure Hypertext Transfer Protocol (S-HTTP) that had been developed and was originally proposed by Eric Rescorla and Allan Schiffman on behalf of the CommerceNet consortium in the early 1990s. • S-HTTP version 1.0 was publicly released in June 1994 and distributed by the CommerceNet consortium. • Since 1995, the S-HTTP specification has been further refined under the auspices of the IETF WTS WG. Prof. Kirti Ahirrao 6
Authentication & Key Agreement System(AKA) • It is a security protocol used in 3G networks. • It is used for one-time password generation mechanism for digest access authentication. • AKA is a challenge-response based mechanism that uses symmetric cryptography. • AKA also called as 3G Authentication or Enhanced Subscriber Authorization (ESA). • AKA works in CDMA(Code Division Multiplex Access) & UMTS(Universal Mobile telecommunications System). Prof. Kirti Ahirrao 7
AKA in CDMA 1. It provides procedures for mutual authentication of the Mobile Station (MS) and serving system. 2. The successful execution of AKA results in the establishment of a security association (i.e., set of security data) between the MS and serving system that enables a set of security services to be provided. 3. Major advantages of AKA over CAVE-based authentication include: • Larger authentication keys (128-bit ) • Stronger hash function (SHA-1) • Support for mutual authentication • Support for signaling message data integrity • Support for signaling information encryption • Support for user data encryption Prof. Kirti Ahirrao 8
AKA in UMTS • This performs authentication and session key distribution in Universal Mobile Telecommunications System (UMTS) networks. • It is a challenge-response based mechanism that uses symmetric cryptography. • It is typically run in a UMTS IP Multimedia Services Identity Module (ISIM), which is an application on a UICC (Universal Integrated Circuit Card). • AKA is defined in RFC 3310 Prof. Kirti Ahirrao 9
Layered Security Protocol • Layered security, also known as layered defense. • It describes the practice of combining multiple mitigating security controls to protect resources and data. • Layered security can be used in any environment, from military operations, to individuals, and community residents (homeowners, neighborhood watch groups, etc). • In other words, "layered security is the practice of using many different security controls at different levels to protect assets. • This provides strength and depth to reduce the effects of a threat. • Your goal is to create redundancies (backups) in case security measures fail, are bypassed, or defeated. Placing assets in the innermost perimeter will provide layers of security measures at increasing distances from the protected asset. • The number of layers and the security measures you use, will depend on the threat and importance of the asset". Prof. Kirti Ahirrao 10
Layered security Prof. Kirti Ahirrao 11
References: • en.wikipedia.org/wiki/ • www.f5.com/services/ Prof. Kirti Ahirrao 12
Thank You Prof. Kirti Ahirrao 13

Recommended

OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itlavakumar Thatisetti
 

Recommended

OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
What is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itWhat is Cryptography and Types of attacks in it
What is Cryptography and Types of attacks in itlavakumar Thatisetti
 
Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
Email security
Email securityEmail security
Email securityIndrajit Sreemany
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Security models
Security models Security models
Security models LJ PROJECTS
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security Shreedevi Tharanidharan
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniquesIGZ Software house
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
saag-3.ppt
saag-3.pptsaag-3.ppt
saag-3.pptHazemElabed2
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 

More Related Content

What's hot

Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacyPawan Arya
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Security models
Security models Security models
Security models LJ PROJECTS
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 

What's hot (20)

Network management and security
Network management and securityNetwork management and security
Network management and security
 
Pgp pretty good privacy
Pgp pretty good privacyPgp pretty good privacy
Pgp pretty good privacy
 
Email security
Email securityEmail security
Email security
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
S/MIME
S/MIMES/MIME
S/MIME
 
Network security
Network securityNetwork security
Network security
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internet
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography ppt
 
Security models
Security models Security models
Security models
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 

Similar to Application layer security protocol

Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxTypes of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxwillcoxjanay
 
computer architecture.ppt
computer architecture.pptcomputer architecture.ppt
computer architecture.pptPandiya Rajan
 
Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Alexander Decker
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of buildingChuck Speicher
 
Multilayer security mechanism in computer networks
Multilayer security mechanism in computer networksMultilayer security mechanism in computer networks
Multilayer security mechanism in computer networksAlexander Decker
 
11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networksAlexander Decker
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017FRSecure
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric blockijcisjournal
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMijcisjournal
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocolsOnline
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsDamien Magoni
 

Similar to Application layer security protocol (20)

saag-3.ppt
saag-3.pptsaag-3.ppt
saag-3.ppt
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
 
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docxTypes of Networks Week7 Part4-IS RevisionSu2013 .docx
Types of Networks Week7 Part4-IS RevisionSu2013 .docx
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
 
computer architecture.ppt
computer architecture.pptcomputer architecture.ppt
computer architecture.ppt
 
Chapter 1.ppt
Chapter 1.pptChapter 1.ppt
Chapter 1.ppt
 
Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)Multilayer security mechanism in computer networks (2)
Multilayer security mechanism in computer networks (2)
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
 
security issue
security issuesecurity issue
security issue
 
Multilayer security mechanism in computer networks
Multilayer security mechanism in computer networksMultilayer security mechanism in computer networks
Multilayer security mechanism in computer networks
 
11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks11.multilayer security mechanism in computer networks
11.multilayer security mechanism in computer networks
 
cns unit 1.pptx
cns unit 1.pptxcns unit 1.pptx
cns unit 1.pptx
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
 
Network security
Network securityNetwork security
Network security
 
Lecture 07 networking
Lecture 07 networkingLecture 07 networking
Lecture 07 networking
 
Implement a novel symmetric block
Implement a novel symmetric blockImplement a novel symmetric block
Implement a novel symmetric block
 
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHMIMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network security
Network securityNetwork security
Network security
 

More from Kirti Ahirrao

Internet layer security protocol & IPsec
Internet layer security protocol & IPsecInternet layer security protocol & IPsec
Internet layer security protocol & IPsecKirti Ahirrao
 
Network access layer security protocol
Network access layer security protocolNetwork access layer security protocol
Network access layer security protocolKirti Ahirrao
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Kirti Ahirrao
 

More from Kirti Ahirrao (6)

BusTopolgy.pptx
BusTopolgy.pptxBusTopolgy.pptx
BusTopolgy.pptx
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
 
Firewall traversals
Firewall traversalsFirewall traversals
Firewall traversals
 
Internet layer security protocol & IPsec
Internet layer security protocol & IPsecInternet layer security protocol & IPsec
Internet layer security protocol & IPsec
 
Network access layer security protocol
Network access layer security protocolNetwork access layer security protocol
Network access layer security protocol
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)
 

Recently uploaded

Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 

Recently uploaded (20)

Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 

Application layer security protocol

  • 2. Index: • Introduction to Application Layer • Types of Application Layer Protocols • Security-Enhanced Application Layer Protocol • Authentication & Key Distribution System • AKA in CDMA & UMTS • Layering Security Protocol above the Application Layer Prof. Kirti Ahirrao 2
  • 3. Application Layer • It is an abstraction layer. • It specifies the shared communications protocols. • It uses interface methods by hosts in a communications network. • The application layer abstraction used in both of the standard models : TCP/IP suite & OSI model. Prof. Kirti Ahirrao 3
  • 4. Application Layer • It is the closest layer to the end user, • It provides hackers with the largest threat surface. • Poor app layer security can lead to performance and stability issues, data theft, and in some cases the network being taken down. • Application layer attacks include distributed denial-of-service attacks (DDoS) attacks, HTTP floods, SQL injections, cross-site scripting, parameter tampering. • Most organizations have application layer security protections, such as web application firewalls (WAFs), secure web gateway services, and others. Prof. Kirti Ahirrao 4
  • 5. Types of Application Layer Protocol • Remote login to hosts: Telnet. • File transfer: File Transfer Protocol (FTP) & Trivial File Transfer Protocol (TFTP). • Electronic mail transport: Simple Mail Transfer Protocol (SMTP). • Networking support: Domain Name System (DNS). • Host initialization: BOOTP. • Remote host management: Simple Network Management Protocol (SNMP), Common Management Information Protocol over TCP (CMOT). Prof. Kirti Ahirrao 5
  • 6. Security-Enhanced Application Layer Protocol • Secure Shell (SSH) is a widely used and deployed protocol that serves as a secure replacement for terminal access and file transfer. • DNS Security, or DNSSEC in short, refers to a set of security extensions and enhancements for DNS. • Furthermore, there are several cryptographic file systems that have been developed and proposed in the past, e.g: Cryptographic File System (CFS) and the Andrew File System (AFS). • The starting point was the specification of the Secure Hypertext Transfer Protocol (S-HTTP) that had been developed and was originally proposed by Eric Rescorla and Allan Schiffman on behalf of the CommerceNet consortium in the early 1990s. • S-HTTP version 1.0 was publicly released in June 1994 and distributed by the CommerceNet consortium. • Since 1995, the S-HTTP specification has been further refined under the auspices of the IETF WTS WG. Prof. Kirti Ahirrao 6
  • 7. Authentication & Key Agreement System(AKA) • It is a security protocol used in 3G networks. • It is used for one-time password generation mechanism for digest access authentication. • AKA is a challenge-response based mechanism that uses symmetric cryptography. • AKA also called as 3G Authentication or Enhanced Subscriber Authorization (ESA). • AKA works in CDMA(Code Division Multiplex Access) & UMTS(Universal Mobile telecommunications System). Prof. Kirti Ahirrao 7
  • 8. AKA in CDMA 1. It provides procedures for mutual authentication of the Mobile Station (MS) and serving system. 2. The successful execution of AKA results in the establishment of a security association (i.e., set of security data) between the MS and serving system that enables a set of security services to be provided. 3. Major advantages of AKA over CAVE-based authentication include: • Larger authentication keys (128-bit ) • Stronger hash function (SHA-1) • Support for mutual authentication • Support for signaling message data integrity • Support for signaling information encryption • Support for user data encryption Prof. Kirti Ahirrao 8
  • 9. AKA in UMTS • This performs authentication and session key distribution in Universal Mobile Telecommunications System (UMTS) networks. • It is a challenge-response based mechanism that uses symmetric cryptography. • It is typically run in a UMTS IP Multimedia Services Identity Module (ISIM), which is an application on a UICC (Universal Integrated Circuit Card). • AKA is defined in RFC 3310 Prof. Kirti Ahirrao 9
  • 10. Layered Security Protocol • Layered security, also known as layered defense. • It describes the practice of combining multiple mitigating security controls to protect resources and data. • Layered security can be used in any environment, from military operations, to individuals, and community residents (homeowners, neighborhood watch groups, etc). • In other words, "layered security is the practice of using many different security controls at different levels to protect assets. • This provides strength and depth to reduce the effects of a threat. • Your goal is to create redundancies (backups) in case security measures fail, are bypassed, or defeated. Placing assets in the innermost perimeter will provide layers of security measures at increasing distances from the protected asset. • The number of layers and the security measures you use, will depend on the threat and importance of the asset". Prof. Kirti Ahirrao 10
  • 13. Thank You Prof. Kirti Ahirrao 13